The Anthem breach is still fresh in patient and provider minds, but according to an official statement, Premera Blue Cross has also been the subject of a health breach. So far, the response to the encounter is playing out in a way similar to the Anthem incident, with Premera establishing its own website to help educate people about the effects, and offering free credit card monitoring and identity theft insurance.
This attack seems to stretch back nearly a year, with the initial stages launched last May. Premera officially discovered the attack had targeted their IT systems on January 29 2015, and is working with both the FBI and security firm Mandiant in response to what the source referred to as "the infection." Multiple related brands have been affected, including Premera Blue Cross Blue Shield of Alaska and Connexion Insurance Solutions, Inc.
Once again, millions of customers could have been involved in this breach. In a video message, Premera Blue Cross President Jeff Roe said that there is no indication that any of the information which may have been accessed has been "used inappropriately," though the site did specify that PHI like Social Security Numbers and dates of birth could have been made available during this time.
Because this is similar to the Anthem attack and comes not long after, some believe that this may be the work of the same group. Threat Connect believes that the hackers may have used a fake website domain that resembled the real Premera's domain name.
Combating possible HIPAA violations and security gaps should be a priority for all healthcare entities now in the light of these recent intrusions. Healthcare consulting services put the tools for proper response and data monitoring closer within reach for unsure organizations.